﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Data.EntityClient;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;
using System.Web.Security;
using BankCreditPortfolio.Models.AccountModels;
using BankCreditPortfolio.DAL;
using BankCreditPortfolio.DAL.Entities;
using BankCreditPortfolio.DAL.Services;

namespace BankCreditPortfolio.Controllers
{
    public class AccountController : BaseController
    {
        //
        // GET: /Account/LogOn

        public ActionResult LogOn()
        {
            return View();
        }

        //
        // POST: /Account/LogOn

        [HttpPost]
        public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                var accountService = new AccountService();
                var currentAccount = accountService.GetByEmail(model.Email);
                if (currentAccount != null)
                {
                    if (PasswordHelper.Verify(model.Password,
                                              new PasswordHash { Hash = currentAccount.Hash, Salt = currentAccount.Salt },
                                              PasswordMode.MD5))
                    {
                        FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe);

                        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                            && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                        {
                            return Redirect(returnUrl);
                        }
                        else
                        {
                            ViewData["Currency"] = (new CurrencyService()).CreateQuery().ToList();
                            if (accountService.GetRoleByEmail(model.Email).Title == "Admin")
                            {
                                return RedirectToAction("Index", "Admin");
                            }
                            if (accountService.GetRoleByEmail(model.Email).Title == "Client")
                            {
                                return RedirectToAction("Credits", "ClientCabinet");
                            }
                            return RedirectToAction("Orders", "Bank");
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("", "The password provided is incorrect.");
                    }
                }
                else
                {
                    ModelState.AddModelError("", "User with such credentials is not registered in system. Please check your credentials.");
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // GET: /Account/LogOff

        public ActionResult LogOff()
        {
            FormsAuthentication.SignOut();

            return RedirectToAction("Index", "Home");
        }

        //
        // GET: /Account/Register

        public ActionResult Register()
        {
            return View();
        }

        //
        // POST: /Account/Register

        [HttpPost]
        public ActionResult Register(RegisterModel model)
        {
            if (ModelState.IsValid)
            {
                if (model.MapTo(new Client()) != null)
                {
                    FormsAuthentication.SetAuthCookie(model.Email, false /* createPersistentCookie */);
                    return RedirectToAction("Index", "Home");
                }
                else
                {
                    ModelState.AddModelError(String.Empty, "Error oO");
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // GET: /Account/ChangePassword

        [Authorize]
        public ActionResult ChangePassword()
        {
            return View();
        }

        //
        // POST: /Account/ChangePassword

        [Authorize]
        [HttpPost]
        public ActionResult ChangePassword(string button, ChangePasswordModel model)
        {
            if (ModelState.IsValid)
            {

                // ChangePassword will throw an exception rather
                // than return false in certain failure scenarios.
                bool changePasswordSucceeded = false;
                var accountService = new AccountService();
                var currentAccount = accountService.GetByEmail(User.Identity.Name);
                if (currentAccount != null && PasswordHelper.Verify(model.OldPassword,
                    new PasswordHash { Hash = currentAccount.Hash, Salt = currentAccount.Salt }, PasswordMode.MD5))
                {
                    try
                    {
                        var password = PasswordHelper.Encrypt(model.NewPassword, PasswordMode.MD5);
                        currentAccount.Hash = password.Hash;
                        currentAccount.Salt = password.Salt;
                        changePasswordSucceeded = accountService.Update(ref currentAccount);
                    }
                    catch (Exception)
                    {
                        changePasswordSucceeded = false;
                    }
                }
                if (changePasswordSucceeded)
                {
                    return RedirectToAction("ChangePasswordSuccess");
                }
                else
                {
                    ModelState.AddModelError("", "The current password is incorrect or the new password is invalid.");
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // GET: /Account/ChangePasswordSuccess

        public ActionResult ChangePasswordSuccess()
        {
            return View();
        }

        #region Status Codes
        private static string ErrorCodeToString(MembershipCreateStatus createStatus)
        {
            // See http://go.microsoft.com/fwlink/?LinkID=177550 for
            // a full list of status codes.
            switch (createStatus)
            {
                case MembershipCreateStatus.DuplicateUserName:
                    return "User name already exists. Please enter a different user name.";

                case MembershipCreateStatus.DuplicateEmail:
                    return "A user name for that e-mail address already exists. Please enter a different e-mail address.";

                case MembershipCreateStatus.InvalidPassword:
                    return "The password provided is invalid. Please enter a valid password value.";

                case MembershipCreateStatus.InvalidEmail:
                    return "The e-mail address provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidAnswer:
                    return "The password retrieval answer provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidQuestion:
                    return "The password retrieval question provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidUserName:
                    return "The user name provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.ProviderError:
                    return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

                case MembershipCreateStatus.UserRejected:
                    return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

                default:
                    return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
            }
        }
        #endregion
    }
}
